[
http://jira.codehaus.org/browse/MSITE-580?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=263147#action_263147
]
Rafal Figas commented on MSITE-580:
-----------------------------------
The basic problem is that if using SCP protocol (what I assume causes usage of
JSCh) the entry in known_hosts file seems to be not found if it is entry on
ECDSA algorithm. Entry looks like this:
target_host ecdsa-sha2-nistp256 AAAAE2V[...]
If I run mvn site-deploy I will be asked if I want to add this target host to
known_hosts. I shouldn't be, as this host is already in my known_hosts (as
ECDSA entry). If I answer "yes" it causes deletion of previous entry (which
worked fine with command line ssh client). New entry is created, and it is
created for RSA and looks like this:
target_host,10.0.0.2 ssh-rsa AAAAB3N[...]
So, running mvn site-deploy seems to corrupt my original ssh setting, however
finally site gets successfully deployed.
The real problem starts, when you have ECDSA entry in known hosts, and mvn
release:perform runs. This goal invokes site-deploy, however in non-interactive
mode due to:
http://jira.codehaus.org/browse/MRELEASE-424
This causes I cannot answer "yes" on question about adding host into
known_hosts and whole release process hangs at this point.
Workaround is to manually put RSA entry in known hosts and then it works.
However if you don't know this you get confused, because entry for this host IS
in your known_hosts, but site-deploy behaves as it IS NOT. Besides you just
cannot use ECDSA, because every time you run site-deply your entry will get
deleted in favor of RSA.
As far as I know in lates version of OpenSSH the ECDSA becomes default, so this
issue causes that
known_hosts entries will get changed from ECDSA to RSA due to site-plugin
behaviour and ECDSA entries will get deleted.
Frankly speaking I don't know if this is a question of release plugin, site
plugin or wagon or maybe jsch. I dont't have enough knowledge on internals.
Server settings are specified.
If I can provide you any additional information I will be happy to help.
> Site cannot be deployed when part of release plugin, scp method used and
> server uses ECDSA
> ------------------------------------------------------------------------------------------
>
> Key: MSITE-580
> URL: http://jira.codehaus.org/browse/MSITE-580
> Project: Maven 2.x and 3.x Site Plugin
> Issue Type: Bug
> Components: site:deploy
> Affects Versions: 2.2
> Environment: Gentoo Linux, Maven 2.2.1
> Reporter: Rafal Figas
>
> When running mvn release:perform release plugin runs site-deploy.
> Configuration of distribution of site uses SCP protocol. So, when it comes to
> deploy a site SSH connection is being made. However "The authenticity of host
> [target_host] can't be established". What was strange I had no problems in
> calling "ssh target_host". There was no problem with establishing
> authenticity of host, neither with logging in using key. Due to this:
> http://jira.codehaus.org/browse/MRELEASE-424
> it was also impossible to answer the question about adding this key to
> ~/.ssh/known_hosts, so whole build just hang.
> What I noticed my known_hosts file contained something like:
> target_host ecdsa-sha2-nistp256 AAAAE2V[...]
> When I've replaced this entry with:
> target_host,10.0.0.2 ssh-rsa AAAAB3N[...]
> everything started working. Does that mean Release plugin (or Wagon, or
> JSCh?) cannot use ECDSA?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
